diff options
| author | Malfurious <m@lfurio.us> | 2024-07-13 03:01:46 -0400 |
|---|---|---|
| committer | Malfurious <m@lfurio.us> | 2024-07-13 03:01:46 -0400 |
| commit | 9cfad5e40a180cf9df064de352d04e2935020e3d (patch) | |
| tree | df193eb61280f93cf488535a465865bc8101a6f1 | |
| parent | c8b6d74765064d6205f4d03b2051ee37b8943434 (diff) | |
| download | mailnode-9cfad5e40a180cf9df064de352d04e2935020e3d.tar.gz mailnode-9cfad5e40a180cf9df064de352d04e2935020e3d.zip | |
opendkim: Check additional headers to determine sender
Despite the default semantics for `InternalHosts` option in
opendkim.conf, OpenDKIM seems to generally only consider the labeled
sender of a message when deciding whether to sign a message or validate.
This means that previously, when a message was sent to a mailing list
from a domain outside of the mailnode host, the copies of this message
that the list sent out did not get a signature applied to them.
Since we will usually be injecting headers for mailing list information,
we can search these first to determine the message envelope sender.
X-Mailing-List will be the list's full address. Sender is added just in
case. Advice is taken from the "Mailing Lists" section of
http://www.opendkim.org/opendkim-README
Signed-off-by: Malfurious <m@lfurio.us>
| -rw-r--r-- | opendkim/opendkim.conf | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/opendkim/opendkim.conf b/opendkim/opendkim.conf index 11e1ec6..659d6f1 100644 --- a/opendkim/opendkim.conf +++ b/opendkim/opendkim.conf @@ -14,6 +14,7 @@ Canonicalization relaxed/simple #Mode sv #SubDomains no OversignHeaders From +SenderHeaders X-Mailing-List,Sender,From # Signing domain, selector, and key (required). For example, perform signing # for domain "example.com" with selector "2020" (2020._domainkey.example.com), |